You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hc.apache.org by "Alexander Bernstein (JIRA)" <ji...@apache.org> on 2015/09/23 21:09:04 UTC

[jira] [Commented] (HTTPCLIENT-1685) PublicSuffixDomainFilter.match() returns true for any simple host name.

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-1685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14905051#comment-14905051 ] 

Alexander Bernstein commented on HTTPCLIENT-1685:
-------------------------------------------------

What's a workaround meanwhile?

> PublicSuffixDomainFilter.match() returns true for any simple host name.
> -----------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-1685
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1685
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.5
>            Reporter: Alexander Bernstein
>            Priority: Minor
>              Labels: newbie
>             Fix For: 4.5.2
>
>
> HttpClient built by HttpClientBuilder ends up with publicSuffixMatcher created by PublicSuffixMatcherLoader.getDefault(). Later on, this object gets passed to CookieSpecRegistries.createDefault(publicSuffixMatcherCopy), if the cookieSpecRegistry is not set explicitly.
> With this scenario, using simple host names (i.e. a name without a dot character, such as "server1" ) fails. 
> The reason seems to be the org.apache.http.impl.cookie.PublicSuffixDomainFilter.match(Cookie, CookieOrigin). This method returns a boolean indicating whether the domain is in the blacklist. 
> For any host name that is not a "localhost", the PublicSuffixMatcher.matches() is called, on line 76. This method returns true for any hostname that does not contain a dot charcter. Which causes the return false, on line 77. 
> Is this a correct behavior? If my server is called "server1", why should its name "match" a public suffix? And how do I make this code to recognize simple host names like this? If this is an expected behavior, is there a documented way to prevent it?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org